<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
	<HEAD>
		<TITLE>无标题页</TITLE>
		<META http-equiv=Content-Type content="text/html; charset=utf-8">
		<LINK href="css/public.css" type=text/css rel=stylesheet>
		<LINK href="css/login.css" type=text/css rel=stylesheet>
		<STYLE type=text/css></STYLE>
		<META content="MSHTML 6.00.2900.5848" name=GENERATOR>
		<script type="text/javascript" src="js/jquery-1.7.1.js"></script>
		<script type="text/javascript">
   function reloadImage(){
    document.getElementById("identity").src="staffAction_checkCode.action?id="+new Date().getTime();
   }
  /*验证特殊字符*/
 function checkQuote(str){
  var items = new Array("~", "`", "!", "@", "#", "$", "%", "^", "&", "*", "{", "}", "[", "]", "(", ")");
   items.push(":", ";", "'", "|", "\\", "<", ">", "?", "/", "<<", ">>", "||", "//");
   items.push("select", "delete", "update", "insert", "create", "drop", "alter", "trancate");
    str = str.toLowerCase();
    for (var i = 0; i < items.length; i++) {
      if (str.indexOf(items[i]) >= 0) {
    return true;
   }  
}
return false;
}
function checkFrom(){
   var sn=$("#sn").attr("value");
   var pwd=$("#pwd").attr("value");
   var txt=$("#txtSN").attr("value");
  if(sn==""){
    $("#errorMessage").html("用户名不能为空!");
    return false;
   }

   else if(checkQuote(sn)){
    $("#errorMessage").html("用户名包含非法字符 !");
    return false;
   }
   else{
      $("#errorMessage").html("");
   }
   if(pwd==""){
    $("#errorMessage").html("密码不能为空 !");
     return false;
   }
   
   else if(checkQuote(pwd)){
     $("#errorMessage").html("密码包含非法字符 !");
   return false;
   }
  //alert("${randomString}");
   //if(txt!="${randomString}"){
     // $("#errorMessage").html("验证信息错误  !");
   //}
   return true; 
 }
 </script>
	</HEAD>
	<BODY>
		<form action="staffAction_login.action" method="post"
			onSubmit="return checkFrom();">
			<DIV id=div1>
				<TABLE id=login height="100%" cellSpacing=0 cellPadding=0 width=800
					align=center>
					<TBODY>
						<TR id=main>
							<TD>
								<TABLE height="100%" cellSpacing=0 cellPadding=0 width="100%">
									<TBODY>
										<TR>
											<TD colSpan=4>
												&nbsp;
											</TD>
										</TR>
										<TR height=30>
											<TD width=380>
												&nbsp;
											</TD>
											<TD>
												&nbsp;
											</TD>
											<TD>
												<div id="errorMessage" style="color: red;"></div>
												<label style="color: red;">
													${merrorMessage}
												</label>
											</TD>
											<TD>
												&nbsp;
											</TD>
										</TR>
										<TR height=40>
											<TD rowSpan=4>
												&nbsp;
											</TD>
											<TD>
												用户名：
											</TD>
											<TD>
												<INPUT id="sn" class=textbox name="mstaff.sn">
											</TD>
											<TD width=120>
												&nbsp;
											</TD>
										</TR>
										<TR height=40>
											<TD>
												密 码：
											</TD>
											<TD>
												<INPUT id="pwd" class=textbox type=password name="mstaff.pwd">
											</TD>
											<TD width=120>
												&nbsp;
											</TD>
										</TR>
										<TR height=40>
											<TD>
												验证码：
											</TD>
											<TD vAlign="middle" colSpan=2>

												<INPUT id=txtSN size=6 name="mcheckMesage">
												&nbsp;
												<IMG src="staffAction_checkCode.action" border=0
													id="identity">
												<A id=LinkButton1 onclick="reloadImage()"
													style="cursor: hand; padding: 5px">不清楚，再来一张</A>
											</TD>
										</TR>
										<TR height=40>
											<TD></TD>
											<TD align=right>
												<INPUT id=btnLogin type=submit value=" 登   录   "
													name=btnLogin>
											</TD>
											<TD width=120>
												&nbsp;
											</TD>
										</TR>
										<TR height=110>
											<TD colSpan=4>
												&nbsp;
											</TD>
										</TR>
									</TBODY>
								</TABLE>
							</TD>
						</TR>
						<TR id=root height=104>
							<TD>
								&nbsp;
							</TD>
						</TR>
					</TBODY>
				</TABLE>
			</DIV>
			<DIV id=div2 style="DISPLAY: none"></DIV>
		</form>
	</BODY>
</HTML>
